1. Field of the Invention
The present invention relates to a data storage device that enhances the security of the data storage device in informational space connected to a network, especially the Internet.
2. Description of the Related Art
As a conventional technique relating to the invention, the firewall and the file encryption techniques should be referred to.
The firewall technique installs a host machine called the firewall gateway at the interface between the internal network and the external network, monitors the communication coming into the internal network from the external network, and connects only a secure communication to the internal network.
On the other hand, the file encryption technique encrypts files stored in hard disks, etc., to thereby protect the data of the files. This technique prevents the confidential data from being read, against internal attacks as well as external attacks. Also, it prevents the data stored in the memories from being destroyed or tampered with.
First of all, the problems of the firewall technique will be discussed.
The Internet materializes the ideal of informational environment connecting anyone at any place, at anytime, which is remarkably spreading. It is conceived that everyone on earth will be connected to the Internet in the near future. In this space created by the Internet, called the cyber space, the reconstruction of the real world is in progress. Business is no exception. New forms of business, generally called the cyber business, are being created one after another. As the cyber space is increasingly used, various problems thereof are starting to draw attention. There are two major problems: the first one is the compatibility of the free use of information with the management of the rights, and the second one is the compatibility of the free use of information with the security. The first one relates to the copyrights and the rights to intellectual properties, the problem as to how these confronting problems should be treated. To this problem, Ryoichi Mori, a former professor at University of Tsukuba, has proposed the theory of “super distribution” (Japanese Published Examined Patent Application No. Hei 6-95302), and many manufacturers and organizations are following this theory, examining it in practice, and gradually starting to adopt it. The second problem relates to the security (privacy, authenticity, preservation) of information. This directly concerns the securing of safety against destruction, tapping, and tampering of data by the third party.
There are two major threats to the security of information in the cyber space where the Internet plays a major role. The first is the attacks (an illegitimate accesses) by people inside the network, usually called “the enemy within the gate”. Here, the people inside the network signifies the users within the network, including the system managers and system organizers. It has been said from the past record that most of the computer crimes are internal. The statistics of the police department shows the figure of 69%, and this fact is endorsed by the recent cases. The second is the intruders from the outside of the network, so-called third parties including criminals, crackers, spies, industrial spies, terrorists, etc. These intrusions occur, because the Internet is connected to unspecified numbers of people and is an information system with high anonymity, unlike the network that used to have a certain limitation. This is why the Internet is quoted as a lawless area without borders. As countermeasures against the threats by the third parties, the encryption technique for protecting the transaction from being tapped, and the firewall technique for preventing the intrusion into the network have become significant.
To the internal network are connected various host computers, each of which implements various processes. So the purpose and level of the security required differ depending on each host. However, since the firewall technique implements intensive security at the firewall gateway, it is impossible to implement tight security based on the processing contents of the host computers connected to the internal network and the contexts of the communication. Therefore, dangerous communications are eliminated with a protocol level of rough information such as IP addresses and port numbers as the only clue. For this reason, dangerous communications to specific hosts can pass through the supervision of the firewall into the internal network.
Also, the firewall has a merit of avoiding drop-outs and leakage by making every communication pass through a specific firewall gateway; however viewing this in reverse, this means that if the gateway machine is intruded, there will not be any other technique to guarantee security.
Using the encryption technique can partially compensate for the above mentioned flaws of the firewall. In other words, the encryption and key management of the file become possible so as to match the form in which each host is used. And, even if the firewall gateway is intruded, the contents of the file can be protected at the host level.
However, the file encryption technique is effective to attack of reading the contents of the file, and it cannot be a measure for attacks intended to destroy the file itself. Actually, an attack attempting to destroy the file can be made by far easier than an attack trying to read the file, and a damage by a successful attack is extremely serious.
Whether it is an enemy within the gate or an external third party, the direct attack is made to the information file stored in the memory/memory unit of a personal computer or a work station. The purpose of the attack is to destroy, tamper with, and tap the file. A major countermeasure for tapping is to encrypt the information. Therefore, in order to tap, the criminal will have to decipher the cipher, which is not so easy. But tampering and destruction do not always require decryption of the cipher, and simple rewriting or erasing of the information will suffice for tampering and destruction. They are much easier to do, and damage is more significant. Also, intruders to the memory/memory unit are always logged. But it is a basic rule for crackers and hackers to erase their logs, so they log off without leaving any trace of their intrusion.
One major cause enabling this logging off without leaving a trace is attributed to the capability of rewriting the information by the hard disk drive using a magnetic recording medium, which is currently the core of the memory/storage technique. In the real world, information is written on papers, and if it is to be tampered with or erased, there will be some kind of a trace, which has given a suppressive force to these attacks. But in the era of the Internet, since unspecified numbers of people are connected to the network, yet the level of anonymity is high, and the proof of these illicit actions can be erased, these illegal acts such as destruction and tampering are induced and encouraged.